A critical zero-day vulnerability has been found in Zoom – A video conferencing software, for Windows 7 or below. The vulnerability allows an attacker to execute remote code on the victim’s system without triggering any security warning. To successfully exploit this vulnerability, the attacker tricks a victim to perform operations like opening a crafted document. […]

Read More →

F5 BIG-IP is a multi-purpose networking device manufactured by F5 Networks which can be configured to work as traffic shaping system, firewall, load balancer, access gateway, rate limiter or SSL middleware. F5 BIG-IP devices are one of the most popular networking products and are widely used in government networks, banks, on the networks of internet […]

Read More →

Microsoft has released May Patch Tuesday security updates, addressing a total of 111 vulnerabilities in the family of Windows operating systems and related products. Out of these, 16 are classified as Critical and 95 as Important which includes Microsoft Windows, Edge EdgeHTML-based, Chromium-based, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, […]

Read More →

Microsoft rightly predicted that systems vulnerable to CVE-2020-0688, could be an attractive target for attackers and that this vulnerability could soon be included in upcoming attacks. Standing true to that, attackers have now started scanning the Internet for Microsoft Exchange Servers vulnerable to a Remote Code Execution flaw(CVE-2020-0688). This vulnerability received a patch during the […]

Read More →

Microsoft has released January Patch Tuesday security updates today, fixing 49 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products which includes Windows, Office, Office Services and Web Apps, Internet Explorer, .NET Core, ASP.NET, .NET Framework, OneDrive for Android, and Microsoft Dynamics. Out of these, 8 are classified as […]

Read More →

Microsoft publicizes November Patch Tuesday security updates today, fixing 74 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products. Out of these, 13 are classified as “Critical” and 61 as “Important”. Amongst the 13 Critical vulnerabilities, there is one vulnerability in Internet Explorer which is under the radar of […]

Read More →

iTerm2 is one of the most popular macOS terminal emulator and is a default choice for developers and administrators due to its extensive features like windows transparency, full-screen mode, notifications, integration with tmux etc. A critical remote code execution vulnerability has been discovered in iTerm2 by Radically Open Security, as part of an independent security […]

Read More →

A critical remote code execution (RCE) vulnerability affecting one of the widely used internet forum software vBulletin has been publicly disclosed. The vulnerability is identified with CVE-2019-16759 and allows an attacker to execute any command on the website like uploading malware, uploading shells or tampering with the website’s code. This vulnerability is believed to be […]

Read More →

Microsoft released its Patch Tuesday security updates today, revised 80 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and other products. Out of these 17 are classified as “Critical“, 61 as “Important”, and 1 as “Moderate“. While most of the “Critical” rated vulnerabilities influence the scripting engines and browsers in an […]

Read More →

Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Read More →